On Sunday, February 25, 2007 04:21:45 PM -0600 Nicolas Williams
<[EMAIL PROTECTED]> wrote:
A while back I designed such an API, which I called the generic
credential store API (GCS-API) that provides a way to get a handle to
the current credential store for a given thread, process, session o
On Sun, Feb 25, 2007 at 06:47:38PM -0800, Henry B. Hotz wrote:
> On Feb 23, 2007, at 10:10 PM, Nicolas Williams wrote:
> >BTW, a PAG facility that's faithful to the AFS notion of PAGs
> >should be
> >relatively easy to specify and implement for Solaris, but it will be
> >more involved than you mi
BTW, Solaris tasks approach the semantics of PAGs. See settaskid(2).
They're not quite what you want for two reasons: a) they're already in
use for something else, so you don't know that someone isn't going to
change a process' taskid without doing the AFS thing to keep credentials
associated wit
On Sun, Feb 25, 2007 at 02:21:08AM -0500, Marcus Watts wrote:
> Going the other way from what Nico proposes, why not have a very
> general per-module way for modules to add resources per-process?
>
> There's really only a few points where the "generic" environment
> needs to interact with the modu
On Mon, 26 Feb 2007, Nicolas Williams wrote:
> On Sun, Feb 25, 2007 at 06:47:38PM -0800, Henry B. Hotz wrote:
> > On Feb 23, 2007, at 10:10 PM, Nicolas Williams wrote:
> > >BTW, a PAG facility that's faithful to the AFS notion of PAGs
> > >should be
> > >relatively easy to specify and implement fo
On Feb 23, 2007, at 10:10 PM, Nicolas Williams wrote:
BTW, a PAG facility that's faithful to the AFS notion of PAGs
should be
relatively easy to specify and implement for Solaris, but it will be
more involved than you might have thought. That's because we have
proc(4), proc(1), truss(1) and
Nicolas Williams <[EMAIL PROTECTED]> writes:
...
> We've waffled internally about how best to deal with PAGs. Partly we
> (well, I) worry that the way PAGs work PAGs are too closely linked to a
> single network authentication mechanism and credentials, therefore it's
> not general enough for us si
On Sat, 24 Feb 2007, Nicolas Williams wrote:
> I'm not sure how important it is to have per-session network
> credentials, but I do sympathize -- if nothing else it's what AFS users
> are accustomed to. Issues surrounding how per-user network credentials
> are handled are a separate, but related
On Fri, Feb 23, 2007 at 12:03:58PM -0600, Douglas E. Engert wrote:
> Jeffrey Hutzelman wrote:
> >On Friday, February 23, 2007 09:23:21 AM -0600 "Douglas E. Engert"
> ><[EMAIL PROTECTED]> wrote:
> >>So getting 100,000 in equipment is only part of it. If you are
> >>willing to state a desire to tage
Jeffrey Hutzelman wrote:
On Friday, February 23, 2007 04:22:22 PM -0600 "Douglas E. Engert"
<[EMAIL PROTECTED]> wrote:
Same here. Symlinks to a .Dotfile directory. Messy but works.
(My home directory has been in AFS since 1992.)
But until this general problem can be solved on *all* platfo
On Friday, February 23, 2007 04:22:22 PM -0600 "Douglas E. Engert"
<[EMAIL PROTECTED]> wrote:
Same here. Symlinks to a .Dotfile directory. Messy but works.
(My home directory has been in AFS since 1992.)
But until this general problem can be solved on *all* platforms
one can not tighten down
Jeffrey Hutzelman wrote:
On Friday, February 23, 2007 12:03:58 PM -0600 "Douglas E. Engert"
<[EMAIL PROTECTED]> wrote:
So to force sshd to use a session based cache we added a
"pam_krb5_cache.so.1 cache=/tmp/krb5cc_%u_%p" to set the cache name.
Horray for extensibility!
Also as you m
On Friday, February 23, 2007 12:03:58 PM -0600 "Douglas E. Engert"
<[EMAIL PROTECTED]> wrote:
So to force sshd to use a session based cache we added a
"pam_krb5_cache.so.1 cache=/tmp/krb5cc_%u_%p" to set the cache name.
Horray for extensibility!
Also as you must already know, I have bee
At 7:51 PM -0500 2/22/07, Jeffrey Altman wrote:
Tom has proposed that OpenAFS submit a hardware grant request to Sun.
It is believed that we can obtain up to $100,000 in 1U X86 boxes that
we could use for a test infrastructure. Sun may be tempted to provide
this equipment if OpenAFS was to stat
Jeffrey Altman <[EMAIL PROTECTED]> wrote:
> Tom has proposed that OpenAFS submit a hardware grant request to Sun.
>
> It is believed that we can obtain up to $100,000 in 1U X86 boxes that
> we could use for a test infrastructure. Sun may be tempted to
> provide this equipment if OpenAFS was to sta
I has a free Sun for a while. They were giving them away to developers.
Sun is very supportive and very interested in adding solutions to their
portfolio.
The project was to use AFS for a large hospital as a JAHCO required backup
system - in lieu of paperwork while I shut down 300 servers in the
Jeffrey Hutzelman wrote:
On Friday, February 23, 2007 09:23:21 AM -0600 "Douglas E. Engert"
<[EMAIL PROTECTED]> wrote:
So getting 100,000 in equipment is only part of it. If you are
willing to state a desire to taget OpenSolaris, Sun should be willing
to state a desire to integration of A
Jeffrey Altman wrote:
Tom has proposed that OpenAFS submit a hardware grant request to Sun.
It is believed that we can obtain up to $100,000 in 1U X86 boxes that we
could use for a test infrastructure. Sun may be tempted to provide this
equipment if OpenAFS was to state a desire to target Open
On Friday, February 23, 2007 09:23:21 AM -0600 "Douglas E. Engert"
<[EMAIL PROTECTED]> wrote:
So getting 100,000 in equipment is only part of it. If you are
willing to state a desire to taget OpenSolaris, Sun should be willing
to state a desire to integration of AFS credential handling
in th
Jeffrey Altman wrote:
Tom has proposed that OpenAFS submit a hardware grant request to Sun.
It is believed that we can obtain up to $100,000 in 1U X86 boxes that we
could use for a test infrastructure. Sun may be tempted to provide this
equipment if OpenAFS was to state a desire to target Op
On Feb 22, 2007, at 7:54 PM, Derrick J Brashear wrote:
On Thu, 22 Feb 2007, Jeffrey Altman wrote:
Tom has proposed that OpenAFS submit a hardware grant request to Sun.
It is believed that we can obtain up to $100,000 in 1U X86 boxes
that we
could use for a test infrastructure. Sun may be
On Thu, 22 Feb 2007, Jeffrey Altman wrote:
Tom has proposed that OpenAFS submit a hardware grant request to Sun.
It is believed that we can obtain up to $100,000 in 1U X86 boxes that we
could use for a test infrastructure. Sun may be tempted to provide this
equipment if OpenAFS was to state a
Tom has proposed that OpenAFS submit a hardware grant request to Sun.
It is believed that we can obtain up to $100,000 in 1U X86 boxes that we
could use for a test infrastructure. Sun may be tempted to provide this
equipment if OpenAFS was to state a desire to target OpenSolaris as a
preferred o
23 matches
Mail list logo
